[arin-ppml] Policy Proposal: Customer Confidentiality

Ted Mittelstaedt tedm at ipinc.net
Wed Jun 10 13:50:36 EDT 2009 

Leo Bicknell wrote:
> I have an amazing sense of deja vu reading this thread.
> 
> 99% of what I have read has been written on ppml before, or said
> in a meeting in response to one of at least 5 previous proposals I
> can remember off the top of my head.
> 
> There is one thing I feel is different, which is how this interacts
> with IPv6.  That has not been discussed that much before, but is
> becoming more important by the second.
> 
> In the IPv4 world, we've decided that anyone with a /29 needs to
> be in whois.  Anyone with more than 6 computers needs to be in
> Whois.
> 
> In the IPv6 world, we've decided that anyone with a /56 and larger
> needs to be in whois.  That's potentially 2^72 computers.
> 
> So if I am a home user, small business, or whatever and have 20
> computers, I must be in SWIP if I get static IPv4, but if I get
> static IPv6 in the form of a /64 (or even a /60), then I am not.
> 
> This makes no sense to me.  Either the 20 computer user should need
> to be in whois in both cases, or not in whois in both cases.
> 


With the IPv4 world, there's 2 obvious justifications for WHOIS:

1) providing contact info for the rest of the Internet in case of problems

2) Providing assurance to the rest of the Internet that an ISP isn't 
hoarding IPv4 that they aren't using.


With an IPv6 world, #2 reason is gone.  #1 reason remains.

The sticky problem, though, is that both of these justifications are 
intertwined.

An ISP that deliberately wants to shield Bad People has lots of 
incentive to NOT provide contact info for #1.  However, they do this at 
risk of failing to provide assurance that they aren't hoarding - and 
thus run the rick of not obtaining new allocations, or even having 
existing allocations pulled.  This is reason #2

In an IPv6 world, since #2 is pointless, you now no longer have 
incentive to get the ISP who deliberately wants to shield Bad People
from prying eyes, to not do this, because the community now no
longer cares that they are hoarding.  If they want to hoard IPv6,
let them hoard!  If they never get another IPv6 allocation, so what -
that /32 will provide them with centuries of numbers to hand out to
their spammy, slimeball customers.

It's obvious that as IPv6 moves forward, ultimately, ARIN is going to 
have to take a more activist role in uncovering those ISP's who want to 
shield evildoers.

I personally don't thing the community is ready to sign off on this
yet.  Most of them are still comfortably unaware of the lengths that
truly amoral and evil criminals will go to.  But, one day, they will
understand, to their sorrow, and you will see it come about.

Ted

More information about the ARIN-PPML mailing list